I am developing a duplex federated WCF service. The federation scenario works fine, but when I tried to make it duplex, an exception is thrown: "The incoming policy could not be validated".
 
I think it is an issue with my configuration, but I have not yet been able to track down the mistake.
 
Following are my configuration:
 
1. For my main service:
<!-- Relying-party service configuration, as posted: a custom binding that layers a
     secure conversation (bootstrapped with an issued token) over composite-duplex,
     one-way HTTP, plus the credentials used to accept tokens from the STS. -->
<system.serviceModel>
    <behaviors>
        <serviceBehaviors>
            <behavior name='MyServiceBehavior'>
                <!-- Authorization decisions are delegated to this custom manager type.
                     NOTE(review): the assembly part reads 'My Service' (with a space) while the
                     namespace is 'MyService'; confirm it matches the real assembly name. -->
                <serviceAuthorization serviceAuthorizationManagerType='MyService.MyServiceAuthorizationManager, My Service' />
                <serviceCredentials>
                    <!-- The service's own X.509 certificate, looked up in LocalMachine/My by subject name.
                         NOTE(review): FindBySubjectName is a loose, case-insensitive match on the subject;
                         FindByThumbprint selects exactly one certificate and is the safer lookup
                         outside a development machine. -->
                    <serviceCertificate storeLocation='LocalMachine'
                                        storeName='My'
                                        x509FindType='FindBySubjectName'
                                        findValue='BookStoreService.com' />
                    <!-- Rules for accepting issued tokens: the audiences a token may be scoped to
                         and the issuer certificates that are trusted. -->
                    <issuedTokenAuthentication>
                        <!-- NOTE(review): neither URI below equals the address of the secured endpoint
                             declared under <services> ('Response'). If the STS scopes tokens to the
                             endpoint address, audience validation would reject them; confirm against
                             the audience restriction in the issued token. -->
                        <allowedAudienceUris>
                            <add allowedAudienceUri='http://localhost:53121/MyService.svc/GetResponse'/>
                            <add allowedAudienceUri='http://localhost:53121/MyService.svc/PerformOperation'/>
                        </allowedAudienceUris>
                        <!-- Issuer certificates trusted to sign tokens: here the HomeRealmSTS.com
                             certificate from LocalMachine/TrustedPeople. Keep this list minimal;
                             presumably any key listed here can issue tokens the service accepts. -->
                        <knownCertificates>
                            <add  storeLocation ='LocalMachine'
                                  storeName ='TrustedPeople'
                                  x509FindType ='FindBySubjectName'
                                  findValue ='HomeRealmSTS.com' />
                        </knownCertificates>
                    </issuedTokenAuthentication>
                </serviceCredentials>
                <!-- Publishes service metadata over plain HTTP GET. Convenient in development;
                     NOTE(review): consider disabling or restricting it in production. -->
                <serviceMetadata httpGetEnabled ='true'/>
            </behavior>
        </serviceBehaviors>
    </behaviors>
    <bindings>
        <customBinding>
            <binding name='MyServiceBinding'>
                <!-- Message-level security: a secure conversation whose bootstrap authenticates the
                     client with an issued token and the service with its certificate. -->
                <security authenticationMode='SecureConversation'>
                    <secureConversationBootstrap authenticationMode='IssuedTokenForCertificate'/>
                    <!-- NOTE(review): issuedTokenParameters is a sibling of secureConversationBootstrap,
                         not a child. The bootstrap element accepts its own issuedTokenParameters, and
                         it is the bootstrap that uses the issued token; confirm these settings
                         actually reach the bootstrap binding. A bootstrap without issuer information
                         is one plausible source of the policy-validation error described above. -->
                    <issuedTokenParameters>
                        <issuerMetadata address='http://localhost:62751/TokenIssuer.svc/mex'/>
                    </issuedTokenParameters>
                </security>
                <!-- Binding elements are stacked in the order written: security, duplex correlation,
                     one-way messaging, then the transport. The transport is plain HTTP, so
                     confidentiality and integrity rest entirely on the message security above. -->
                <compositeDuplex/>
                <oneWay/>
                <httpTransport/>
            </binding>
        </customBinding>
    </bindings>
    <services>
        <service name="MyService.MyService"
                           behaviorConfiguration='MyServiceBehavior'>
            <!-- Secured application endpoint, relative address 'Response'. -->
            <endpoint address="Response"
                                  binding="customBinding"
                                  bindingConfiguration='MyServiceBinding'
                                  contract="MyService.IMyService" />
            <!-- Metadata exchange endpoint; it uses mexHttpBinding, not the secured custom binding. -->
            <endpoint address="mex"
                      binding="mexHttpBinding"
                      contract="IMetadataExchange" />
        </service>
    </services>
    <serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
</system.serviceModel>
2. STS Configurations
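<!-- Security token service (STS) configuration, as posted. The stray HTML <pre> tag that was
     fused to the opening element has been dropped so the fragment is well-formed XML. -->
<system.serviceModel>
    <behaviors>
        <serviceBehaviors>
            <!-- Unnamed behavior: it applies to every service in this host that does not name
                 a behaviorConfiguration of its own. -->
            <behavior>
                <serviceCredentials>
                    <!-- Certificate the STS presents, looked up in LocalMachine/My by subject name.
                         The relying-party service lists the same subject (HomeRealmSTS.com) among
                         its known issuer certificates.
                         NOTE(review): FindBySubjectName is a loose match; FindByThumbprint selects
                         exactly one certificate. -->
                    <serviceCertificate storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName" findValue="HomeRealmSTS.com"/>
                </serviceCredentials>
                <!-- Publishes metadata over plain HTTP GET.
                     NOTE(review): consider disabling or restricting it outside development. -->
                <serviceMetadata httpGetEnabled="true"/>
            </behavior>
        </serviceBehaviors>
    </behaviors>
    <!-- No explicit endpoints: http addresses get default endpoints on wsHttpBinding with its
         default settings. NOTE(review): confirm those defaults are the intended security for
         the token-issuing endpoint. -->
    <protocolMapping>
        <add scheme="http" binding="wsHttpBinding"/>
    </protocolMapping>
</system.serviceModel>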
and 3. Client Configurations
<!-- Client configuration, as posted: the same custom binding stack as the service, a
     wsHttpBinding for talking to the STS, and the rules for validating the service certificate. -->
<system.serviceModel>
    <bindings>
        <customBinding>
                <binding name='MyServiceBinding'>
                    <!-- Secure conversation whose bootstrap authenticates the client with an issued
                         token and the service with its certificate. -->
                    <security authenticationMode='SecureConversation'>
                        <secureConversationBootstrap authenticationMode='IssuedTokenForCertificate'/>
                        <!-- Address and binding of the token issuer.
                             NOTE(review): issuedTokenParameters is a sibling of
                             secureConversationBootstrap, not a child. The bootstrap element accepts
                             its own issuedTokenParameters, and it is the bootstrap that requests the
                             issued token; confirm the issuer settings actually reach it. A bootstrap
                             with no issuer configured is one plausible source of "The incoming policy
                             could not be validated". -->
                        <issuedTokenParameters>
                            <issuer address='http://localhost:62751/TokenIssuer.svc' binding='wsHttpBinding' bindingConfiguration='MyTokenIssuer'/>
                        </issuedTokenParameters>
                    </security>
                    <!-- compositeDuplex lets the service call back to the client, which means the
                         client accepts inbound HTTP. NOTE(review): no clientBaseAddress is set here;
                         confirm which address the callback listener binds to and that it is not
                         exposed more widely than intended. -->
                    <compositeDuplex/>
                    <oneWay/>
                    <!-- Plain HTTP transport: protection comes only from the message security above. -->
                    <httpTransport/>
                </binding>
        </customBinding>
        <wsHttpBinding>
            <!-- Binding used for the STS call: message security; no credential type is set,
                 so the wsHttpBinding default applies. -->
            <binding name="MyTokenIssuer">
                <security mode="Message"/>
            </binding>
        </wsHttpBinding>
    </bindings>
    <behaviors>
        <endpointBehaviors>
            <behavior name="GetResponseClientBehavior">
                <clientCredentials>
                    <serviceCertificate>
                        <!-- How the client validates the service's certificate: accepted if it is in
                             the TrustedPeople store OR chains to a trusted root.
                             NOTE(review): this is the more permissive of the available modes;
                             ChainTrust or PeerTrust alone is narrower. No revocationMode is set here,
                             so the default applies. -->
                        <authentication certificateValidationMode="PeerOrChainTrust"/>
                    </serviceCertificate>
                </clientCredentials>
            </behavior>
        </endpointBehaviors>
    </behaviors>
    <client>
        <!-- The endpoint name mentions WSFederationHttpBinding, but the binding actually used is
             the custom binding above. -->
        <endpoint name="WSFederationHttpBinding_IMyService" address="http://localhost:53121/MyService.svc/Response" binding="customBinding" bindingConfiguration="MyServiceBinding" behaviorConfiguration="GetResponseClientBehavior" contract="IMyService">
            <!-- Expected service identity: the BookStoreService.com certificate, read from the
                 CurrentUser/TrustedPeople store on the client. -->
            <identity>
                <certificateReference storeLocation="CurrentUser" storeName="TrustedPeople" x509FindType="FindBySubjectName" findValue="BookStoreService.com"/>
            </identity>
        </endpoint>
    </client>        
</system.serviceModel>
Posted 12-Sep-12 22:28pm

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


